SecurityEnglish · 2 years ago

TootRoot | Mastodon had a Critical Security Vulnerability

1

6

TootRoot | Mastodon had a Critical Security Vulnerability

SecurityEnglish · 2 years ago

1

Mastodon had a Critical Security Vulnerability

In this video I discuss the recent security updates to Mastodon to fix critical security vulnerabilities that allowed for cross site scripting through oEmbed...

Security advisorys: https://github.com/mastodon/mastodon/security

Chat

ruffslOP
link
fedilink
English
arrow-up
2·
2 years ago
For anybody wondering what the Mastodon security issue is - CVE-2023-36460, you can send a toot which makes a webshell on instances that process said toot. #CVE202336460 #TootRoot

https://cyberplace.social/@GossiTheDog/110667416012211236

Security

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

All instance-wide rules apply.
Keep it totally legal.
Remember the human, be civil.
Be helpful, don’t be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
1 user / month
160 users / 6 months
220 local subscribers
688 subscribers
73 Posts
120 Comments
Modlog

mods:
LinearArray